.NET Authorization

<allow   (or <deny)
   users="comma-separated list of users"
   roles="comma-separated list of roles"
   verbs="comma-separated list of verbs"
/>
Two special identities:
* Refers to all identities
? Refers to the anonymous identity
Typical scenario, when you need to allow some roles, but not any authenticated users you will write: <allow roles="someusers, administrators"/> <deny users="*" />
The order in which those elements appear determines the inportance.
In the example above although all users are denied access by deny *,
someusers and administrators will still have access,
because corresppopnding allow was placed above deny.
Posted on by tiramesu

3 Responses to .NET Authorization

  1. andrea massi says:

    I liked your article is an interesting technology
    thanks to google I found you

  2. max Adnerson says:

    Thank you so much for this blog! Information that I found here was very usefull for me=)

  3. pozycjono wanie says:

    Thanks for the information, I really enjoyed the post.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>